Linux: Installing Cisco vpn client on Ubuntu 8.04 - the Hardy Heron

If you work for a corporation who uses Cisco VPN and if you are a big Linux fan who use Linux at home this is for you. The steps explained here are for a 2.6.24 kernel version on a 32/64 bit OS. I tested this on Ubuntu 8.04. You will need to apply the patch for the vpnclient to work.

Steps to successfully install and use Cisco vpn client on Ubuntu.
1) Download the VPN client from here.
# wget http://tuxx-home.at/vpn/Linux/vpnclient-linux-x86_64-4.8.01.0640-k9.tar.gz
2) Untar the downloaded file
# tar xvzf vpnclient-linux-x86_64-4.8.01.0640-k9.tar.gz
A new folder "vpnclient" will be created.
3) Go into the "vpnclient" directory
# cd vpnclient
4) Now download the patch from here.
# wget http://tuxx-home.at/projects/cisco-vpnclient/vpnclient-linux-2.6.22.diff
5) Before installing the vpn client you will have to apply the patch using the below command

# patch < vpnclient-linux-2.6.22.diff

6) Now time to install the actual client
# sudo ./vpn_install
Hit enter for all the options asked. You can use the default options provided by the installation.
7) Before using the vpn client you have to start it first.
# sudo /etc/init.d/vpnclient_init start
8) Place the cisco vpn profiles in to the /etc/opt/cisco-vpnclient/Profiles/ directory.
9) To connect to the "sample" vpn network using a "sample.pcf" file you need to use the following command:
# sudo vpnclient connect sample

Vpnclient Usage:
vpnclient connect [user ] [eraseuserpwd | pwd ]
[nocertpwd]
vpnclient disconnect
vpnclient stat [reset] [traffic] [tunnel] [route] [repeat]
vpnclient notify
vpnclient verify [autoinitconfig]
vpnclient autoinit

Some of the errors that I came across when trying to make this work.

1) Error:

/vpnclient/linuxcniapi.c:12:26: error: linux/config.h: No such file or directory
In file included from /vpnclient/Cniapi.h:15,
from /vpnclient/linuxcniapi.c:27:
/vpnclient/GenDefs.h:113: error: conflicting types for ‘uintptr_t’
include/linux/types.h:40: error: previous declaration of ‘uintptr_t’ was here
/vpnclient/linuxcniapi.c: In function ‘CniInjectReceive’:
/vpnclient/linuxcniapi.c:297: error: implicit declaration of function ‘skb_set_timestamp’
/vpnclient/linuxcniapi.c:331: error: ‘struct sk_buff’ has no member named ‘nh’
/vpnclient/linuxcniapi.c:332: error: ‘struct sk_buff’ has no member named ‘mac’
/vpnclient/linuxcniapi.c: In function ‘CniInjectSend’:
/vpnclient/linuxcniapi.c:454: error: ‘struct sk_buff’ has no member named ‘mac’
/vpnclient/linuxcniapi.c:455: error: ‘struct sk_buff’ has no member named ‘nh’
/vpnclient/linuxcniapi.c:458: error: ‘struct sk_buff’ has no member named ‘h’
/vpnclient/linuxcniapi.c:458: error: ‘struct sk_buff’ has no member named ‘nh’
make[2]: *** [/vpnclient/linuxcniapi.o] Error 1
make[1]: *** [_module_/vpnclient] Error 2


make[1]: Leaving directory `/usr/src/linux-headers-2.6.24-19-generic'

make: *** [default] Error 2
Failed to make module "cisco_ipsec.ko".

Reason: You might be downloaded the wrong version of vpnclient for this kernel version.

Solution: Download the vpnclient mentioned above.

2) Error:

Running on: Linux 2.6.24-19-generic #1 SMP Fri Jul 11 23:41:49 UTC 2008 i686
Config file directory: /etc/opt/cisco-vpnclient
The profile specified could not be read.

Reason: You might have used an incorrect syntax.

Solution: Do not use file extension (.pcf) within the syntax. Use the following syntax
# vpnclient connect sample (if you want to use sample.pcf file)

Special thanks to http://tuxx-home.at/